From 39f8aff8f5158f24fa6a47cd8655a49eb4d72c7d Mon Sep 17 00:00:00 2001
From: Philip Withnall
Date: Tue, 30 Jun 2020 11:10:51 +0100
Subject: [PATCH] fuzzing: Test URI parsing with and without the strict flag
This should test a few more code paths.
Signed-off-by: Philip Withnall
---
 fuzzing/fuzz_uri_parse.c | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)
diff --git a/fuzzing/fuzz_uri_parse.c b/fuzzing/fuzz_uri_parse.c
index d878b80cc..4faed62a1 100644
--- a/fuzzing/fuzz_uri_parse.c
+++ b/fuzzing/fuzz_uri_parse.c
@@ -1,30 +1,38 @@
 #include "fuzz.h"
-int
-LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+static void
+test_with_flags (const gchar *data,
+ GUriFlags flags)
 {
- unsigned char *nul_terminated_data = NULL;
 GUri *uri = NULL;
 gchar *uri_string = NULL;
- const GUriFlags flags = G_URI_FLAGS_NONE;
- fuzz_set_logging_func ();
-
- /* ignore @size (g_uri_parse() doesn’t support it); ensure @data is nul-terminated */
- nul_terminated_data = (unsigned char *) g_strndup ((const gchar *) data, size);
- uri = g_uri_parse ((const gchar *) nul_terminated_data, flags, NULL);
- g_free (nul_terminated_data);
+ uri = g_uri_parse (data, flags, NULL);
 if (uri == NULL)
- return 0;
+ return;
 uri_string = g_uri_to_string (uri);
 g_uri_unref (uri);
 if (uri_string == NULL)
- return 0;
+ return;
 g_free (uri_string);
+}
+
+int
+LLVMFuzzerTestOneInput (const unsigned char *data, size_t size)
+{
+ unsigned char *nul_terminated_data = NULL;
+
+ fuzz_set_logging_func ();
+
+ /* ignore @size (g_uri_parse() doesn’t support it); ensure @data is nul-terminated */
+ nul_terminated_data = (unsigned char *) g_strndup ((const gchar *) data, size);
+ test_with_flags ((const gchar *) nul_terminated_data, G_URI_FLAGS_NONE);
+ test_with_flags ((const gchar *) nul_terminated_data, G_URI_FLAGS_PARSE_STRICT);
+ g_free (nul_terminated_data);
 return 0;
 }
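Review bot: The comment carried into the new LLVMFuzzerTestOneInput, `/* ignore @size … */`, contradicts the line below it, which passes `size` to g_strndup() to bound the copy. What the harness really does not exercise is any byte after an embedded nul, because g_strndup() stops copying there and g_uri_parse() takes a nul-terminated string. I would reword it to `/* g_uri_parse() takes a nul-terminated string: copy at most @size bytes; input after an embedded nul is not parsed */`, so the coverage limit is stated where both test_with_flags() calls inherit it. Separately, declaring the buffer as `gchar *nul_terminated_data` would remove the `(const gchar *)` cast that is now repeated on both new calls.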